Malware // **Fariborz Najafi**
''' Malware''' Malware is short for “malicious software”, which means computer programs that are designed to interfere with normal computing operations. Malware includes computer viruses, worms, Trojan horses, spyware, botnets and any other unwanted software or program. There are two main types of malware: ones that replicate or copy themselves and ones which do not copy themselves. Self-replicating malware includes viruses and worms. A virus is attached to a software program and it modifies or damages a user's computer files. A worm, however, is not attached to a program. It does not usually damage files but it is designed to spread by making copies of itself on other computers on the same network. Worms can send thousands of spam emails to other computers. Spyware does not replicate itself or spread directly like a virus or worm. Instead, its purpose is to gather information about users. Spyware may contain a “key logger” that identifies the user's keystrokes when entering a password or credit card number. Other spyware programs known as “adware” redirect search engine results to paid advertisements or start “pop-up” advertisements. Malware can be transmitted in three ways. Firstly, Malware can be sent to users by email. Emails pretending to be from banks ask individuals to provide their banking passwords. Other emails direct the customer to click on an attachment that can contain a malicious virus. Malware can also be hidden in downloads from the internet. Trojan horses are programs that are hidden within another program. They may appear to be something harmless, such as free internet software download, but a Trojan horse conceals a harmful virus or worm. It may delete the user's files or install more malicious software. For example, the Torpid Trojan stole login credentials from approximately 250,000 online bank accounts as well as a similar number of credit and debit cards (BBC News 2008). Malware can also be spread by sharing portable media such as CDs, DVDs or USB storage drives. If there is malware on the shared media, it will spread from computer to computer. Malware attacks can have serious consequences for individuals, businesses and government computer networks. Malware is short for “malicious software”, which means computer programs that are designed to interfere with normal computing operations. Individuals, businesses and governments are vulnerable to theft and loss of private information, while the costs of preventing and repairing malware are huge for businesses and government. The most significant consequences for individuals are financial loss and invasion of privacy. Identification of private banking information such as user passwords and credit card details through spyware can enable a criminal to steal funds without the user being aware (Teller 2011). Redirection of search engine results to paid advertisements or undesirable websites can persuade individuals to part with money (Zorz 2011). Invasion of privacy is another consequence of Malware, as identity theft is become more common (Australian Privacy Foundation 2009). Implications of malware for businesses are serious. At an organizational level, network and data protection are costly. In the event of a Malware attack, interruption to an organization's website or e-mail systems can cause significant loss of sales and even more importantly, loss of customer trust in the company (Yin 2011). Remediation after a Malware attack involves significant cost to businesses. Consequences of malware for governments can involve loss of sensitive information and increased costs for detection and prosecution of internet crime. Government departments can themselves be targeted by malware, with sectors such as Defense and Social Security being particularly attractive to attack (Davis 2010). Governments are also under pressure to respond to increased cyber attacks by investing huge resources in internet crime prevention, internet crime regulation, additional policing measures and changing legislation for harsher penalties for offenders (Cowdery 2005).